<?php
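    /**
     * Escape a string for MySQL and strip a fixed list of SQL-looking tokens.
     *
     * Security review notes:
     *  - The token list is a denylist and is not an injection defence on its
     *    own; it also alters legitimate text (anything containing "http",
     *    "--", "select ... from", ...). Queries should bind or escape values
     *    at the point where the SQL is built.
     *  - The escaping only protects a value that is placed inside a quoted
     *    SQL string literal; it does nothing for values concatenated unquoted.
     *  - mysql_escape_string() ignores the connection character set and was
     *    removed together with the mysql extension in PHP 7.
     *
     * @param mixed $string Value to clean; returned untouched when empty().
     * @return mixed The cleaned string, the original value when it is empty(),
     *               or "" if the regex engine reports an error.
     */
    function cleanQuery($string)
    {
        if (empty($string)) {
            return $string;
        }

        $string = mysql_escape_string(trim($string));

        $badWords = array(
            "/Select(.*)From/i",
            "/Union(.*)Select/i",
            "/Update(.*)Set/i",
            "/Delete(.*)From/i",
            "/Drop(.*)Table/i",
            "/Insert(.*)Into/i",
            "/http/i",
            "/--/i",
        );

        // A single pass can leave a listed token behind when removing one
        // match joins the text on either side of it, so repeat until the
        // string stops changing. Every changing pass shortens the string,
        // which guarantees termination.
        do {
            $previous = $string;
            $string = preg_replace($badWords, "", $previous);
            if ($string === null) {
                // preg_replace() signals an engine error with null: fail
                // closed instead of handing back unfiltered text.
                return "";
            }
        } while ($string !== $previous);

        return $string;
    }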
    
    /**
     * Build the URL of an uploaded image below baseUrl() . "upload/".
     *
     * Resulting layouts:
     *   upload/<folder>/<name>
     *   upload/<folder>/<YYYY>/<MMDD>/<name>   (when $date is given)
     * A non-empty $type is prepended to the file name as "<type>_".
     *
     * NOTE(review): $nameImage, $folder and $type are concatenated as-is,
     * with no URL encoding or path normalisation. Callers should escape the
     * returned value for the output context and should not pass unvalidated
     * request data here.
     *
     * @param string     $nameImage File name of the image.
     * @param string     $folder    Sub-folder below "upload/".
     * @param int|string $date      Timestamp handed to date(), or '' for none.
     * @param string     $type      Optional file-name prefix.
     * @return string
     */
    function getImage($nameImage, $folder, $date='', $type='')
    {
        $fileName = ($type != '') ? $type . '_' . $nameImage : $nameImage;

        $url = baseUrl() . "upload/" . $folder . "/";
        if ($date != '') {
            // Dated uploads live in a year / month-day sub-directory.
            $url .= date("Y", $date) . "/" . date("md", $date) . "/";
        }

        return $url . $fileName;
    }
    
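    /**
     * Look up a user (id, username) in c_user by referral code.
     *
     * The value is escaped with mysql_real_escape_string(), which takes the
     * character set of the current connection into account, unlike the
     * mysql_escape_string() call it replaces. The query needs that connection
     * anyway.
     *
     * NOTE(review): the whole mysql extension was removed in PHP 7; the
     * long-term fix is a prepared statement through mysqli or PDO, which
     * needs a connection handle that is not visible in this file.
     *
     * @param string $refCode Referral code to search for.
     * @return array|false|null The row as an associative array; a falsy value
     *                          when no row matches or the query cannot run.
     */
    function getUser($refCode)
    {
        $safeRefCode = mysql_real_escape_string((string) $refCode);
        if ($safeRefCode === false) {
            // Escaping failed (no usable connection): the query could not
            // run either, so report "no row".
            return false;
        }

        $sql = "SELECT id, username FROM c_user WHERE refCode='" . $safeRefCode . "'";
        $result = @mysql_query($sql);
        $rows = @mysql_fetch_assoc($result);
        return $rows;
    }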
    
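    /**
     * Fetch the c_sms_kute rows whose id is in a comma-separated list.
     *
     * The list used to be concatenated into the IN (...) clause verbatim,
     * which lets any caller-supplied text become part of the SQL statement.
     * Each element is now required to be an integer literal and the list is
     * rebuilt from the validated elements. A list with any other element
     * (including an empty one) is rejected and yields an empty result, which
     * is also what a failed query produced before.
     *
     * NOTE(review): assumes c_sms_kute.id is an integer key - confirm.
     *
     * @param string|int $list_sms_id Comma-separated integer ids, e.g. "3,7,12".
     * @return array List of rows as associative arrays; empty when the list
     *               is invalid, the query fails or nothing matches.
     */
    function getSms($list_sms_id)
    {
        $ids = array();
        foreach (explode(",", (string) $list_sms_id) as $token) {
            $token = trim($token);
            if (!preg_match('/\A-?[0-9]+\z/', $token)) {
                // Fail closed: never forward unvalidated text to the query.
                return array();
            }
            $ids[] = $token;
        }

        $sql = "SELECT * FROM c_sms_kute WHERE id IN (" . implode(",", $ids) . ")";
        $result = @mysql_query($sql);
        $rows = array();
        while ($row = @mysql_fetch_assoc($result)) {
            $rows[] = $row;
        }

        return $rows;
    }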
    
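    /**
     * Fetch every c_sms_kute row of one event, newest create_date first.
     *
     * $eventId is placed in the statement unquoted, so escaping would not
     * protect it; it is validated as an integer literal instead. Any other
     * value yields an empty result without touching the database, which is
     * also what a failed query produced before.
     *
     * @param int|string $eventId Event id (integer, or a string of digits).
     * @return array List of rows as associative arrays; empty when the id is
     *               invalid, the query fails or nothing matches.
     */
    function getSmsConfig($eventId)
    {
        $eventId = trim((string) $eventId);
        if (!preg_match('/\A-?[0-9]+\z/', $eventId)) {
            // Fail closed: never forward unvalidated text to the query.
            return array();
        }

        $sql = "SELECT * FROM c_sms_kute WHERE eventId=" . $eventId . " ORDER BY create_date DESC";
        $result = @mysql_query($sql);
        $rows = array();
        while ($row = @mysql_fetch_assoc($result)) {
            $rows[] = $row;
        }

        return $rows;
    }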
    
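    /**
     * Fetch the 30 newest c_sms_kute rows (by create_date) of one event.
     *
     * $eventId sits inside a quoted SQL literal but used to be concatenated
     * unescaped, so a quote character in it could end the literal. It is now
     * escaped with mysql_real_escape_string() before use.
     *
     * NOTE(review): the mysql extension was removed in PHP 7; a prepared
     * statement through mysqli or PDO is the long-term fix.
     *
     * @param int|string $eventId Event id.
     * @return array List of rows as associative arrays; empty when the value
     *               cannot be escaped, the query fails or nothing matches.
     */
    function getSmsNew($eventId)
    {
        $safeEventId = mysql_real_escape_string((string) $eventId);
        if ($safeEventId === false) {
            // Escaping failed (no usable connection): the query could not
            // run either, so report "no rows".
            return array();
        }

        $sql = "SELECT * FROM c_sms_kute WHERE eventId='" . $safeEventId . "' ORDER BY create_date DESC LIMIT 30";
        $result = @mysql_query($sql);
        $rows = array();
        while ($row = @mysql_fetch_assoc($result)) {
            $rows[] = $row;
        }

        return $rows;
    }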
    
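    /**
     * Fetch the most recent c_application_active row (id, create_date, level)
     * of one application registration.
     *
     * $data["appId"] is placed in the statement unquoted, so it is validated
     * as an integer literal first. A missing or non-integer value returns
     * false without touching the database.
     *
     * @param array $data Must contain "appId" (integer, or a string of digits).
     * @return array|false|null The row as an associative array; a falsy value
     *                          when the id is invalid, the query fails or no
     *                          row matches.
     */
    function getLastestActive($data)
    {
        $appId = isset($data["appId"]) ? trim((string) $data["appId"]) : "";
        if (!preg_match('/\A-?[0-9]+\z/', $appId)) {
            // Fail closed: never forward unvalidated text to the query.
            return false;
        }

        $sql = "SELECT id, create_date, level FROM c_application_active WHERE `appRegisterId`=" . $appId . " ORDER BY create_date DESC LIMIT 1";
        $result = @mysql_query($sql);
        $rows = @mysql_fetch_assoc($result);
        return $rows;
    }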
    
    /**
     * Encrypt a string with Rijndael (128-bit block) in ECB mode and return
     * the ciphertext base64-encoded.
     *
     * The input is trimmed, then padded PKCS#7-style: N bytes of value N are
     * appended, where N fills the text up to the next block boundary (a full
     * block when it is already aligned).
     *
     * Security review notes (behaviour is left unchanged, because existing
     * ciphertexts and whatever decrypts them depend on this exact scheme):
     *  - ECB encrypts equal plaintext blocks to equal ciphertext blocks, so
     *    the output is deterministic and exposes repetition in the input.
     *  - There is no integrity protection; altered ciphertext is not detected.
     *  - ECB does not use an IV, so the generated IV does not affect the output.
     *  - $key defaults to null; callers must always pass a real key.
     *  - trim() means leading/trailing whitespace does not survive a round trip.
     *  - mcrypt was removed from PHP core in 7.2; new code should use an
     *    authenticated scheme from a maintained library.
     *
     * @param string      $encrypt Plaintext.
     * @param string|null $key     Encryption key.
     * @return string Base64-encoded ciphertext.
     */
    function encrypt($encrypt, $key=null){
        $plain = trim($encrypt);

        // Pad up to a whole number of cipher blocks.
        $blockSize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
        $padLength = $blockSize - (strlen($plain) % $blockSize);
        $plain .= str_repeat(chr($padLength), $padLength);

        $ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
        $iv = mcrypt_create_iv($ivSize, MCRYPT_RAND);

        return base64_encode(
            mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $plain, MCRYPT_MODE_ECB, $iv)
        );
    }
?>
